Calvin Kennedy

Privacy Policy

Last updated: 6 April 2026

1. Who we are

This website is operated by Calvin Kennedy, a sole trader based in Sydney, Australia, trading as calvinkennedy.com. For privacy enquiries, contact hello@calvinkennedy.com.

2. What information we collect

We may collect the following personal information:

  • Contact details — name, email address, phone number, and business name when you submit a form on this site or reply to an email from us.
  • Business information — your industry, role, and project details when you request a consultation.
  • Publicly available business information — business name, email address, phone number, and location sourced from public directories (e.g., Google Business Profile, Yellow Pages, industry association listings) for the purpose of offering relevant business services.
  • Usage data — anonymised analytics data collected via PostHog, including pages visited, referral source, and device type. No personally identifiable information is stored in analytics.
  • Phone numbers from missed calls — if you call a dental practice that uses our missed-call SMS service and your call is not answered, we automatically receive your phone number from the call data provided by the practice's phone system via Twilio.
  • SMS interaction data — delivery status, timestamps, and opt-out responses (e.g., STOP replies) related to automated SMS messages sent on behalf of dental practices.

3. How we collect information

  • Directly from you — when you fill in a contact form, subscribe to our newsletter, or email us.
  • From public sources — business email addresses and contact details that are conspicuously published on publicly accessible websites, directories, or business listings. We collect this information manually, not through automated scraping or harvesting software.
  • Automatically — anonymised usage data via privacy-focused analytics (PostHog, self-hosted where possible).
  • Via Twilio (missed-call SMS service) — when a call to a participating dental practice goes unanswered, the practice's phone system forwards call data (including the caller's phone number) to our system via Twilio. This collection is automatic and occurs without direct interaction with you.

4. Why we collect information

We use your personal information for the following purposes:

  • To respond to your enquiries and provide consulting services.
  • To send you information about services that are directly relevant to your business role (under inferred consent as defined in Schedule 2 of the Spam Act 2003).
  • To send newsletters you have subscribed to.
  • To improve our website and services.
  • To comply with legal obligations.
  • To send automated SMS messages on behalf of dental practices when a patient's call is missed, acknowledging the missed call and optionally providing a booking link.
  • To process opt-out requests (STOP replies) and maintain a suppression list so you are not contacted again.

5. Who we share information with

We do not sell, rent, or trade your personal information. We may share information with:

  • Service providers — email delivery (Resend), payment processing (Stripe), hosting (Vercel), analytics (PostHog), and telephony/SMS (Twilio). These providers process data on our behalf and are bound by their own privacy policies.
  • Dental practices — if you call a dental practice that uses our missed-call SMS service, the SMS you receive is sent on behalf of that practice. The practice is the entity responsible for the communication; we act as a service provider processing data on their behalf.
  • Legal requirements — if required by law, regulation, or legal process.

6. How we protect information

We take reasonable steps to protect personal information from misuse, loss, unauthorised access, modification, and disclosure. This includes encrypted storage, access controls, and secure transmission (HTTPS). Credentials are stored in encrypted vaults and are never exposed in code.

7. Missed-call SMS service

We operate an automated missed-call SMS service on behalf of dental practices. This section explains how that service handles personal information.

How it works

When you call a dental practice that uses our service and your call is not answered, the practice's phone system forwards the call to our platform via Twilio. Our system automatically sends you an SMS within seconds, acknowledging the missed call. The SMS is sent on behalf of the dental practice, not on our own behalf.

What information is collected

We receive your phone number and basic call metadata (time of call, call duration, caller ID) from Twilio. We do not receive your name or any other personal details from the call itself.

How to opt out

You can reply STOP to any SMS you receive from this service. Your number will be added to our suppression list immediately and you will not receive any further messages. You can also contact us at hello@calvinkennedy.com to request opt-out or deletion.

Health-adjacent information

We recognise that calling a dental practice may imply you are seeking dental care. While we do not collect or store health information directly, we treat the fact that you called a dental practice as sensitive, health-adjacent information and apply additional care in how we store, process, and protect this data. We do not use this information for any purpose other than sending the missed-call SMS on behalf of the dental practice.

8. Cross-border data transfers

Some of our service providers are based in the United States. Under Australian Privacy Principle 8 (APP 8), we are required to inform you when your personal information may be disclosed to overseas recipients. The following sub-processors may receive or process your personal information:

  • Twilio Inc (United States) — telephony and SMS delivery. Twilio holds APEC Cross-Border Privacy Rules (CBPR) certification, providing a recognised framework for cross-border data protection.
  • Vercel Inc (United States) — website and API hosting. Our application runs on Vercel's serverless infrastructure with data processed in the Sydney region where available.
  • Neon Inc (United States) — database hosting. Our database is hosted on Neon's serverless PostgreSQL platform.

We take reasonable steps to ensure that overseas recipients handle your personal information in accordance with the Australian Privacy Principles. This includes selecting providers with strong privacy practices, data processing agreements, and recognised certifications.

9. Your rights

You have the right to:

  • Access — request a copy of the personal information we hold about you.
  • Correction — request correction of inaccurate or incomplete information.
  • Deletion — request deletion of your personal information (subject to legal retention obligations).
  • Unsubscribe — opt out of marketing emails at any time by replying "unsubscribe" or using the unsubscribe link in any email. We will honour unsubscribe requests within 5 business days.
  • SMS opt-out — reply STOP to any SMS from our missed-call service to immediately stop receiving messages.

To exercise any of these rights, email hello@calvinkennedy.com. We will respond to access and correction requests within 30 days.

10. Data retention

We retain personal information only for as long as necessary for the purpose it was collected. Contact form submissions and enquiry data are retained for up to 24 months after our last interaction. If you unsubscribe from marketing emails, we will delete or de-identify your data within 30 days unless a legal obligation requires us to retain it.

For the missed-call SMS service specifically:

  • Call and SMS records (phone numbers, timestamps, delivery status) are retained for 12 months from the date of the interaction.
  • When a dental practice terminates their service with us, all data processed on their behalf is deleted within 30 days of service termination.
  • Opt-out records (STOP requests) are retained indefinitely to ensure we do not contact you again.

11. Cookies and tracking

This site uses privacy-focused analytics (PostHog) to understand how visitors use our website. PostHog stores a first-party cookie and uses localStorage on your device to maintain an anonymous session identifier across page views. This data is used solely for analytics purposes (e.g., page views, feature usage, session duration). We do not use third-party cookies for advertising and do not run retargeting ads or share analytics data with advertisers.

Essential cookies may be used for authentication and session management in the client portal.

12. Australian Privacy Act 1988

We handle personal information in accordance with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth). While the small business exemption may currently apply, we operate as if it does not, in anticipation of its removal.

13. Spam Act 2003 compliance

All commercial electronic messages sent by us comply with the Spam Act 2003 (Cth). Every message includes accurate sender identification, valid contact details, and a functional unsubscribe mechanism. We only contact business email addresses that are conspicuously published and where consent can reasonably be inferred under Schedule 2 of the Act.

For our missed-call SMS service, the dental practice is the "sender" of the SMS under the Spam Act. We act as the sending service provider. Each SMS identifies the dental practice by name and includes a STOP opt-out mechanism.

14. Complaints

If you believe we have breached the Australian Privacy Principles, you may lodge a complaint by emailing hello@calvinkennedy.com. We will acknowledge your complaint within 7 days and aim to resolve it within 30 days.

If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au/privacy/privacy-complaints.

15. Changes to this policy

We may update this privacy policy from time to time. The "last updated" date at the top of this page indicates when the policy was last revised. Continued use of this website after changes constitutes acceptance of the updated policy.

16. Contact

For any privacy-related questions or requests, contact:
Calvin Kennedy
hello@calvinkennedy.com
calvinkennedy.com

Newsletter

Short notes on building AI agents in production.

One email when something worth sharing ships. No fluff, no daily cadence, no recycled growth-thread noise.

Primary use: consulting updates, governed AI workflow lessons, and major project writeups.